Fingerprint Scanning

VP Phil Schiller

Apples iPhone 5S Unveiling

Apple’s new iPhone 5S unveiled by its VP Phil Schiller now contains Fingerprinting capabilities bringing back the discussion if this technology is secure and the privacy implications that come along with this.

Apple has said that it won’t store fingerprint data on its servers — only on the devices themselves, encrypted and locked within the A7 chip. But consumers may still want to think carefully before allowing their phone, and Apple’s App Store, to gain access to such unique identifying information.

The touch ID fingerprint sensor will be built into the home button. It will scan fingerprints in any orientation and fingerprint layers. It can be used it to unlock your phone or make iTunes purchases without entering a password.

So what does Fingerprint Biometric Security look for?

Using your fingerprint for authentication would be ‘What you are’.

This is the technology Apple intends to use. So that a password will not be needed. For added security a Password/Pin should also be used. So the Fingerprint would Identify the user and the Pin would Authenticate the user, but this is not the case here.

Unlike a password which would be ‘What you know’.

With passwords alot of people are trying to find alternatives. This can be using the likes of a pass-phrase or in this case biometrics.

‘What you have’ could be a swipe-card or an RSA Key.

What you have

What you know

Who you are

When a fingerprint is scanned it look at all aspects of its design and edges.

A fingerprint has 6 classes of patterns.

Minutiae

Crossover: two ridges cross each other

Core: center

Bifurcation: ridge separates

Ridge ending: end point

Island: small ridge b/w 2 spaces

Delta: space between ridges

Pore: human pore

Advanced Minutiae Based Algorithm

Feature Extractor

Minutiae Coordinate and Angle are calculated

Core is used as center of reference (0,0)

Matcher

Used to match fingerprint

Trade-off between speed and performance

Group minutiae and categorize by type

Large number of certain type can result in faster searches

How to Hack proof Biometric Security

Once the iPhone 5S is released and been tested 🙂 I am sure many juicy details and hacking techniques will be released.

Example of some ways of protecting against the faking of a Bio Fingerprint could be: